Pull Request Check List

Resolves: #4439 and #3464

• Added tests for changed code.
• Updated documentation for changed code. (not needed)

PyPi repositories use the pypi.org JSON api for fetching dependencies, where for an external repo (legacy repo) the dependencies are determined by going through the files available in the repo and inspecting the metadata (actually PyPi repositories also use this method as fallback when requires_dist is None). Universal wheels are prefered, then source distribution and only after that a desperate attempt (# Pick the first wheel available and hope for the best) is made to extract the dependencies from a platform specific wheel.

It is cumbersome to retrieve this from source, the file needs to be extracted, which takes a long time, and even after it is not always certain the correct ones can be determined, due to lack of standardization and arbitrary code execution in setup.py. So either this step has to be improved, implying all past and future build systems need to be supported, or another option is to use a well defined package distribution format, which already exist. The wheel does not need to be reinvented, it just needs to be used.

As dependencies could potentially differ (although could not find an example of this easily) depending on the platform and python version, only the appropriate wheels are considered by matching with compatibility tags.

-> Using compatible wheels over sdist will result in a more correct dependency resolution at a greater speed.

for example PyQt5 (5.15.4) requires_dist

• pypi ['PyQt5-sip (>=12.8, <13)', 'PyQt5-Qt5 (>=5.15)']
• bdist ['PyQt5-sip (>=12.8, <13)', 'PyQt5-Qt5 (>=5.15)']
• sdist None

wheel : ~3s not cached, ~0.2s cached
tar.gz: ~10s both not cached and cached (needs to be extracted everytime)